10 Things You Need to Know About Kerberos

Posted by Eran Cohen on Jun 24, 2019 9:36:00 AM

As our research team continues to find vulnerabilities in Microsoft that bypass all major NTLM protection mechanisms, we start to wonder about the successor protocol that replaced NTLM in Windows versions above Windows 2000.

Enter Kerberos. Every child who grew up playing Dungeons and Dragons learned about the mythical creature of Kerberos (also known as Cerberus in Ancient Greek mythology)  - a three headed dog who guards the gates of Hell and prevents dead souls from returning to the world of the living.  

While that memory is nostalgic, most security professionals know Kerberos as a network authentication protocol designed to provide strong authentication for client/server applications by using secret-key cryptography.

Read More

Topics: Security Skills, NTLM, kerberos, Microsoft

What DevOps Can Teach Us About Cybersecurity

Posted by Ajit Sancheti on Mar 22, 2019 10:53:10 AM

DevOps and cybersecurity are both top priorities for many enterprises, as well as areas that have experienced considerable innovation recently. And even though these are two very different sides of IT, there are lessons to be learned between the two. Both areas are in the midst of major transitions. For application development the shift is from slow, monolithic releases to fast and responsive development cycles. For cybersecurity the shift is from the old perimeter block/allow enforcement model to more adaptive security that continuously looks for threats across the enterprise.

Read More

Topics: Security Skills, Adaptive Threat Prevention

How this Retailer Could have Kept my Business with Better IT Security Process

Posted by Heather Howland on Nov 3, 2017 8:24:28 AM

Hmm, I thought I remembered my password. As I tried to log into my account with a large retailer known for their athletic wear, I click the forgot password link. I enter my email address.

Read More

Topics: Security Skills, Multi-factor Authentication, Identity Verification, Credential Compromise

How Security Operations Can Safely Stop Investigating Benign True Positives

Posted by Eran Cohen on Apr 20, 2017 8:45:19 AM

True Positives. It’s a topic of great interest to me. Security Operations can spend a lot of time dealing with separating out the truly non-malicious events. There is an easier way. But, before we go further, let’s align and calibrate on the terminology of True/False Positives/Negatives. Some of these terms have varying levels of agreement. It reminds me of VLAN-- you can have 5 people in the room and there will be 6 different definitions for it. To make sure we are on the same page, let's start with basic definitions accompanied with real life examples. 

Read More

Topics: Security Skills, User and Entity Behavior Analytics, ueba, Incident Response

How Much Management Do You Need to Dedicate to UEBA? [Part 5 - Blog Series]

Posted by Heather Howland on Nov 11, 2016 4:54:15 PM

In this final blog of the series “A Closer Look Inside UEBA: Top 5 FAQs,” we’re going to discuss what it takes to manage UEBA and how it can make security teams much more efficient and less overwhelmed. 

Read More

Topics: CISO, Security Skills, ueba

The “Crying Wolf” Rating and Other Security Investment Qualifiers

Posted by Steve Herrod on Oct 27, 2016 3:50:21 PM

There is a lot of noise in the cybersecurity space with every company trying to differentiate itself by claiming to be the “next big thing”, but so few have risen to the top. And the security market has changed a lot in the past couple years. As a venture capitalist, I often get asked about how I see the market changing and how we cut through the noise to find and fund companies that are doing something truly unique and innovative and that really solves customer problems.

Read More

Topics: CISO, Insider Threats, Security Skills, ueba